This is a mirror of Richard Hundhausen's (aka The DBAgilist) blog "Tales from the Doghouse."

Any SQL Injectors out there?

SQL Injection attacks are a well know exploit of insecure database systems. If you
don't know about SQL Injection, you can change that by visiting Wikipedia.

If you feel like injecting some SQL into your site, you should visit the SQL
Injection Cheat Sheet page for all of the approaches. As the author mentions,
only MySQL, Microsoft SQL Server, (some) ORACLE, and (some) PostgreSQL are supported
and that most of the samples are not correct for every situation.